Remote Code Execution Vulnerability in Edimax BR-6473AX Router
CVE-2025-56706

8HIGH

Key Information:

Vendor

Edimax

Status
Vendor
CVE Published:
16 September 2025

What is CVE-2025-56706?

A significant remote code execution vulnerability has been identified in the Edimax BR-6473AX router, specifically affecting version 1.0.28. The flaw arises from improper handling of the Object parameter in the openwrt_getConfig function, allowing attackers to inject and execute arbitrary code remotely. This could lead to unauthorized access and manipulation of network resources, posing severe risks to users and their data. It is critical for users to apply appropriate security measures to mitigate the potential exploitation of this vulnerability.

References

CVSS V3.1

Score:
8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.